Software Engineer & Cybersecurity Researcher

Build thingsthat matter.

I'm Jhury Kevin Lastre, a passionate Software Engineer with nearly 5 years of professional experience specializing in full-stack development, DevOps, and cybersecurity research. Currently leading OWASP Cebu and pursuing advanced research in 5G Security, Embedded SIM (eSIM), and security protocol analysis in South Korea.

Seoul, South Korea

3+

Years Exp.

8+

Publications

10+

Projects

GitHubLinkedIn
Explore
§

Career Journey

Professional Experience

CyberSecurity Researcher

Current

MobiSec Lab, Kookmin University

Sep 2024PresentSeoul, South Korea
  • Machine learning on Intrusion Detection (RF, Isolation Forest, XGBoost, XAI with SHAP, SLMs, LLMs)
  • IoT Deployment Performance Testbed (Docker, k8s, Prometheus, Grafana k6, tc netem)
  • Deploy 5G Core Network Functions using Open5GS, Docker and Kubernetes
  • Performance testing on security protocols (M2M eSIM, Consumer eSIM, TLS 1.3, PSK 0-RTT)

Software Engineer

Current

Tax Maverick Software

Aug 2024PresentUnited States of America
  • Build and maintain IRS Tax Calculation on Federal and State
  • Build strategy suggestion engine for tax advisors
  • Use LLMs and RAG for strategy comparison
  • Develop new features using Next.js and Supabase

Full Stack Software Developer - Enterprise

WebriQ Technologies

Jul 2024Jul 2024Cebu, Philippines
  • Design a prototype to convert Figma designs to Next.js Code using Open AI
  • Plan and contribute to formulation, development, and overall software architecture

Software Development Engineer (Mid-level)

Lanex Corporation

Sep 2023Jun 2024Cebu City, Philippines
  • Created major features for filtering and data visualization
  • Built management system using Next.js, GraphQL, Prisma and Hasura
  • Developed full-stack project using Nuxt, Laravel and JSON:API
  • Built android application using Kotlin and GraphQL

Software Developer

Purple Cow - Philippines

Jul 2023Sep 2023Cebu City, Philippines
  • Developed backend architecture using Node.js with TypeScript
  • Implemented JWT authentication, API protection, rate limiters
  • Designed database schema for MongoDB
  • Used Azure for hosting, Blob storage and image uploads

Software Developer Intern

Symph

Aug 2022Nov 2022Cebu City, Philippines
  • Frontend development using React and TypeScript
  • Worked with Ant Design and Chakra UI
  • Fixed authentication bugs using Node.js with Passport.js
  • Improved User Experience and reduced cognitive complexity

Academic Background

Education & Learning

Masters in Cybersecurity

Current

Kookmin University (국민대학교)

Sep 2024PresentSeoul, South Korea
  • eSIM & Remote Sim Provisioning
  • Web API Security
  • Cryptanalysis and Formal Verification of Security Protocols

Bachelor of Science in Computer Engineering

University of San Carlos

Aug 2020Jun 2024Cebu City, Philippines
Cum Laude(GPA: 1.33)
§

Featured Work

Selected Projects

TaxMaverick

Tax Strategy application with AI-powered features

  • Optimized load times for Smart pick strategies
  • Usage of Next.js, Supabase, and ShadCN
Next.jsSupabaseAITypeScript

virtual eSIM

GSMA Remote SIM Provisioning for Consumer Device

  • Develop a virtual eSIM using C that interfaces with SM-DP+ and LPAC
  • APDU handlers and manual implementation of cryptographic protocols
CCryptographyeSIMGSMA

Open5GS Roaming in K8s

Docker and Kubernetes implementation of Open5GS network functions

  • Publication and testbed implementation of Open5GS network functions in k8s
KubernetesDocker5GOpen5GS

C.Scope.AI

Microplastic Identification using CNNs

  • Usage of pyTorch, Docker, FastAPI, Roboflow
  • Meta's detectron for microplastic detection and classification
PythonPyTorchDockerML

Other Notable Projects

M2M eSIM Testbed

GSMA Remote SIM Provisioning for Machine to Machine

PythoneSIMGSMA

OWASP Cebu

CTF and Organization Website

Next.jsCTFSecurity

AI Jeongamsu

AI Chatbot support for Kookmin University

AIChatbotLLM

Kuroshio

Mobile and Web app for a Japanese moving company

KotlinNext.jsGraphQL

Regalis

Job Posting/Matcher platform for Japan

Next.jsHasuraPrisma

Chelo

Event management system SaaS

Next.jsDrizzleSaaS

Community & Leadership

Organizations

OWASP Cebu logo

OWASP Cebu

Chapter Lead

Current
Jan 2023PresentVisit Website

Leading the Open Web Application Security Project (OWASP) Cebu chapter, organizing workshops, talks, and community events focused on web application security and cybersecurity awareness in the Philippines.

Key Achievements

  • Organized multiple security workshops and training sessions
  • Built a community of security enthusiasts and professionals
  • Conducted API hacking and web security training programs
  • Created educational content and resources for the community
Cybersecurity
Community Leadership
OWASP
Education

Teaching & Training

Workshops & Speaking

Featured Workshops

Practical API Hacking on the Web

OWASP Cebu Summer Workshop

Jun 2024Cebu, Philippines

Taught burpsuite, wfuzz, ffuf, postman. Managed entire workshop from speakers to audiences and venue

API SecurityPenetration TestingSecurity Tools

Full Stack Generative AI Apps with Next.js, Supabase, Prisma and Open AI

Tech Workshop

May 2024Cebu and Bohol

Comprehensive workshop on building full-stack AI applications

Next.jsSupabasePrisma

All Workshops & Talks

Building Flexible Websites with Next.js and GraphQL

Sprout Up Bohol

Mar 2024Bohol

Taught Next.js, Strapi CMS, and GraphQL API architecture

Next.jsGraphQLStrapi

Introduction to Cybersecurity

iAcademy Cebu

Nov 2023Cebu

Introduction to fundamental cybersecurity concepts and practices

CybersecuritySecurity Fundamentals

Project Taytayan

Google DevFest Cebu 2023

Oct 2023Cebu

Showcase project built using Next.js and Firebase to help workers get training and more job opportunities

Next.jsFirebaseSocial Impact

HTML, CSS, and JavaScript

Google Developer Student Clubs - San Carlos

Aug 2023San Carlos

Taught basic web development skills using the fundamental web technologies

HTMLCSSJavaScript

React.js Workshop

Google Developer Student Clubs - San Carlos

Jul 2023San Carlos

Taught basic React to participants including set up, deployment, hooks, and component lifecycles

ReactJavaScriptComponent Architecture

Firebase Workshop

Google Developer Student Clubs - San Carlos

Jun 2023San Carlos

Taught basic Firebase set up with Vanilla JS. Taught basic cloud functions for CRUD applications in Firestore

FirebaseCloud FunctionsFirestore

Data Structures and Algorithms

Computer Engineering Council - San Carlos

May 2023San Carlos

Helped freshmen review for incoming practical exams involving DSA such as Linked Lists, Trees, and Graphs, as well as basic sorting algorithms

Data StructuresAlgorithmsProblem Solving

JUMP Camp - C programming basics

Computer Engineering Council - San Carlos

Apr 2023San Carlos

Taught C programming fundamentals to kids and teenagers from our partnered local community

C ProgrammingProgramming BasicsCommunity Outreach

Git to the Cloud

Microsoft Learn

Mar 2023Online

Taught basic Git commands and collaboration in Git. Taught industry level flows in terms of how to collaborate with a team. Taught basic CI/CD using GitHub actions and Basic testing using Jest. Taught deployment with CI/CD to AWS App Runner

GitCI/CDGitHub Actions

LinkedIn and Portfolio/Resume Building

Microsoft

Feb 2023Online

Taught portfolio management and Resume building. Taught networking and LinkedIn profile building

Career DevelopmentNetworkingPersonal Branding

Technical Expertise

Skills & Technologies

Languages

TypeScript
JavaScript
Python
C
Kotlin
PHP
SQL

Frontend

React
Next.js
Nuxt.js
Tailwind CSS
ShadCN UI

Backend

Node.js
Express
Laravel
FastAPI
GraphQL

Databases

MongoDB
PostgreSQL
Supabase
Prisma
Hasura
Drizzle

DevOps & Cloud

Docker
Kubernetes
AWS
Azure
CI/CD
GitHub Actions

Security & Research

5G Security
eSIM
TLS
Formal Verification
Penetration Testing
OWASP

ML & AI

PyTorch
XGBoost
XAI/SHAP
LLMs
RAG
§

Publications

08
SIM card and mobile security technology
01/08
Alexandria Engineering Journal (Elsevier)

Revisiting the M2M remote SIM provisioning protocol: A comprehensive security and performance analysis

2026VIEW

First integrated security and performance analysis of M2M RSP protocol using formal verification. Uncovers critical vulnerabilities including absence of Perfect Forward Secrecy and proposes enhancements with TLS 1.3, SCP11b, and hybrid post-quantum cryptography.

5G and 6G network tower infrastructure
02/08
Applied Sciences (MDPI)

Towards 6G Roaming Security: Experimental Analysis of SUCI-Based DoS, Cost, and NF Stress

2026VIEW

This paper presents an experimental analysis of Subscription Concealed Identifier (SUCI)-based Denial of Service (DoS) attacks, their associated costs, and the stress they place on network functions in the context of 6G roaming security.

Neural network and AI for cybersecurity
03/08
Computer Modeling in Engineering & Sciences

Enhancing Roaming Security in Cloud-Native 5G Core Network through Deep Learning-Based Intrusion Detection System

2025VIEW

This research addresses security challenges in 5G roaming by designing a scalable 5G Standalone testbed, generating an intrusion detection dataset tailored to roaming threats, and proposing a deep learning-based intrusion detection framework for cloud-native environments.

Encrypted network security and TLS protocols
04/08
Sensors (MDPI)

Evaluating Transport Layer Security 1.3 Optimization Strategies for 5G Cross-Border Roaming

2025VIEW

This research introduces Zero Round Trip Time Forward Secrecy (0-RTT FS), a novel protocol extension that achieves zero round-trip performance while maintaining comprehensive security properties, including PFS and replay protection.

Mathematical logic and formal verification
05/08
IEEE ICCT Pacific 2025

Formal Verification of Remote SIM Provisioning Common Mutual Authentication using BAN Logic

2025VIEW

Formal verification of the Common Mutual Authentication protocol used in Remote SIM Provisioning using BAN Logic to ensure security properties are maintained.

AI and machine learning for fraud detection
06/08
Medium - OWASP Cebu

With Great Power Comes Great Explainability: Leveraging XAI and SLMs for Payment Fraud

2024VIEW

Exploring the use of Explainable AI (XAI) and Small Language Models (SLMs) combined with classical machine learning techniques for anomaly detection in payment fraud scenarios.

Authentication and security protocols
07/08
OWASP Cebu

Zero Trust before Zero Trust: Kerberos

2024VIEW

An in-depth analysis of the Kerberos authentication protocol and its role as a precursor to modern Zero Trust security architectures.

Database security and PostgreSQL
08/08
OWASP Cebu

Policy Based Database Protection on PostgreSQL using PL/pgSQL

2024VIEW

Implementation and analysis of policy-based security mechanisms for database protection using PostgreSQL's procedural language.

01
08
SCROLL TO EXPLORE